effect of internal control systems on performance … · oversampling techniques were adopted....

i

UNIVERSITY OF CAPE COAST

EFFECT OF INTERNAL CONTROL SYSTEMS ON PERFORMANCE

OF COMPANIES IN THE INSURANCE INDUSTRY IN GHANA

ANTHONY AMISSAH

2017

Digitized by UCC, Library

i

UNIVERSITY OF CAPE COAST

EFFECT OF INTERNAL CONTROL SYSTEMS ON PERFORMANCE OF

COMPANIES IN THE INSURANCE INDUSTRY IN GHANA

BY

ANTHONY AMISSAH

Thesis submitted to the Department of Accounting and Finance of the School

of Business, College of Humanities and Legal studies, University of Cape

Coast, in partial fulfilment of the requirements for the award of Master of

Commerce Degree in Accounting

JANUARY 2017


ii

DECLARATION

Candidate’s Declaration

I hereby declare that this thesis is the result of my own original work and that

no part of it has been presented for another degree in this university or

elsewhere.

Candidate‟s Signature…………………………. Date……………………..

Name: ................................................................................................

Supervisors’ Declaration

We hereby declare that the preparation and presentation of the thesis were

supervised in accordance with the guidelines on supervision of thesis laid

down by the University of Cape Coast.

Principal Supervisor‟s Signature………………… Date……………………….

Name: .................................................................................................

Co-Supervisor‟s Signature………………………. Date………………………

Name : ................................................................................................


iii

ABSTRACT

The performance and survival of any industry in a rapidly changing

environment, among other factors, depends largely upon the internal control

systems (ICS) put in place. Given the critical role that ICS play in every

industry, the study sought to examine the effect of ICS on performance of

companies in the Ghanaian insurance industry. The five variables of ICS

developed by the Committee of Sponsoring Organisations (COSO) were used

as independent variables whereas the dependent variable relied on

performance measures of building block model. Cross-sectional survey design

was used and data were obtained from a sample of 91 out of a population of

113 using questionnaires. Stratified, simple random, purposive and

oversampling techniques were adopted. Analyses of the data involved

descriptive statistics, Kruskal-Wallis, Mann Whitney U Test and ordinary least

square regression techniques from Statistical Product for Service Solutions

version 21 (SPSS 21.0). Key findings suggested that oil and gas, lost adjustor

and reinsurance firms had low levels of performance and weak ICS whereas

brokerage, life and non-life insurance firms had strong ICS and high levels of

performance. Findings also revealed significant difference in the risk

assessment procedures of non-life and brokerage firms. The study also found

that ICS significantly influenced performance. It was concluded that life, non-

life and brokerage insurance companies paid much attention to their control

systems. Recommendations were made to reinsurance, oil and gas, and lost

adjuster firms in the industry to strengthen their information and

communication systems. Non-life and brokerage firms were also advised to

adopt risk assessment procedures based on their organisational context.


iv

KEYWORDS

Internal control systems

Insurance companies

Performance


v

ACKNOWLEDGEMENTS

My ultimate gratitude goes to Prof. Francis Enu-Kwesi, and Rev.

George Nii Tackie, my principal and co-supervisors respectively, for the in-

depth knowledge and understanding I gained from their advice, criticism and

suggestions, which helped shape the work to its present level. To Prof. Nelson

Buah, Prof. T. K. Oduro, Prof. Edward Marfo-Yiadom, Prof. Ernest Davies,

Prof. Boachie-Mensah, Dr. Frimpong Siaw, Dr. Mohammed Zangina Isshaq,

Mr. Albert Koomson, Dr. Anokye Adams and Dr. Daniel Agyapong all of

University of Cape Coast, I owe you a debt of gratitude for your kindness,

inspiration and advice during my study.

I wish to express my sincere appreciation to the entire 2015 M.Com

(Accounting) and MBA (Accounting) class, especially Alhassan Trawuli

Yussif, Stephen Amponsah, Yaw Sekyere, and Paul Beret for their unflinching

support during the period of my study. This work would not be complete

without your selfless assistance and advice. I am also thankful to the staff of

the National Insurance Commission and other players of the insurance

industry, especially Mr Kojo Ghanney and Mr Cosmos for their support. To

the academic and administrative staff of the School of Business, University of

Cape Coast, accept my gratitude for your support.

To my family, Robert Amissah, Hannah Amissah, Joana Otoo,

Buckman , Millicent, Patricia, Anas, Amanda, Bene and Joe, I am extremely

grateful for your encouragement and support throughout these years. Finally,

to all my friends and colleagues especially, Lucy Abedu Amoah and Ekow

Ocran, I have not forgotten you. Your advice, assistance and encouragements

have been of great benefit to me. I am forever grateful.


vi

DEDICATION

To Mr. Albert Kobina Koomson, Mr. Robert Amissah, Mrs. Hannah Amissah,

Dr. Bawa and Ms Joana Otoo.


vii

TABLE OF CONTENTS

Page

DECLARATION ii

ABSTRACT iii

KEYWODRS iv

ACKNOWLEDGEMENTS v

DEDICATION vi

LIST OF TABLES xi

LIST OF FIGURES xiii

LIST OF ACRONYMS xiv

CHAPTER ONE: INTRODUCTION 1

Background to the Study 1

Statement of the Problem 6

Objective of the Study 8

Research Question 9

Hypotheses 9

Significance of the Study 9

Delimitation 10

Limitations 11

Definition of terms 11

Organisation of Study` 12

CHAPTER TWO: REVIEW OF RELATED LITERATURE 14

Introduction 14

Evolution of Internal Control Systems 14


viii

Theoretical Framework 16

Agency Theory (AT) 17

Contingency Theory (CT) 20

Conceptual Issues and Study Variables 23

Internal Control Systems (ICS) 23

Control Environment (CE) 27

Risk Assessment (RA) 29

Control Activities (CA) 31

Information and Communication (IC) 33

Monitoring of Controls (MC) 34

Performance Measurement 37

Empirical Review 41

Lessons Learnt and Knowledge Gap 55

Conceptual Framework of the Effect of Internal Control Systems

on Performance 57

Chapter Summary 59

CHAPTER THREE: METHODOLOGY 60

Introduction 60

Research Approaches and Study Design 60

Study Area 64

Target Population 66

Sample and Sampling Procedure 67

Data Collection Instrument 70

Pre-Test 74

Reliability 75


ix

Ethical Consideration 76

Data Collection Procedures 76

Data Processing and Analysis 78

Chapter Summary 83

CHAPTER FOUR: RESULTS AND DISCUSSION 84

Introduction 84

Characteristics of Companies that Responded 84

Condition of Internal Control Systems and Performance 86

Condition of Internal Control Systems 86

Condition of Performance 114

Differences in Internal Control Systems 119

Effect of Internal Control Systems on Performance 135

Chapter Summary 142

CHAPTER FIVE: SUMMARY, CONCLUSIONS AND

RECOMMENDATIONS 143

Introduction 143

Summary 143

Conclusions 149

Recommendations 150

Suggestions for Further Research 152

REFERENCES 153

APPENDICES

A Categories of Companies in the Insurance Industry 173

B Krejcie and Morgan‟s Table for Determining Sample Size

from a given Population 174


x

C Questionnaire 175

D Letter of Introduction 185

E Skewness Values for Variables 186

F Multicollinearity Test 187

G Test of Normality 188

H Test of Outliers 189


xi

LIST OF TABLES

Table Page

1. Internal Control Systems and Factor Structure 36

2. Population of Companies in the Insurance Industry in Ghana 67

3. Initial and Adjusted Sample Sizes of Participating Companies

in the Ghanaian Insurance Industry 69

4. Reliability Coefficients Scores for Data Collected During

Pilot Study 75

5. Frequency Distribution of Disbursed and Retrieved

Questionnaires 78

6. Normality Distribution of Responses on Control Environment

Risk Assessment, Control Activities, Information and

Communication, Monitoring and Performance 79

7. Breakdown of Companies 85

8. Mean Ranks for Control Environment 122

9. Test Statistics for Control Environment 122

10. Mean Ranks for Risk Assessment 124

11. Test Statistics Results for Risk Assessment 125

12. Mean Ranks for Control Activities 127

13. Test Statistics Results for Control Activities 127

14. Mean Ranks for Information and Communication 130

15. Test Statistics Results for Information and Communication 130

16. Mean Ranks for Monitoring 132

17. Test Statistics for Monitoring 132

18. Mean Ranks for Internal Control Systems 133

19. Test Statistics Results for Internal Control Systems 134


xii

20. Standardized Multiple Regression Analysis Summary for

Internal Control Dimensions Predicting Performance 136


xiii

LIST OF FIGURES

Figure Page

1. COSO Internal Control Integrated Framework 26

2. Conceptual Framework of ICS and Performance 58

3. Organogram of Insurance Industry in Ghana 65

4. Map of Ghana 66


xiv

LIST OF ACRONYMS

AAA American Accounting Association

AICPA American Institute of Certified Public Accountants

ANOVA Analysis of Variance

CEIOPS Committee of European Insurance and Occupational

Pensions Supervisors

CEIS Conference of European Insurance Supervisors

CoCo Criteria of Control

COSO Committee of Sponsoring Organisations

FEI Financial Executives Institute

IAA Internal Audit Agency

IAIS International Association of Insurance Supervisors

ICS Internal Control Systems

IIA Institute of Internal Auditors

IMA Institute of Management Accountants

INTOSAI International Organisation of the Supreme Audit

Institution

JIA Japanese Insurance Authority

SOX Sarbanes-Oxley Act

UK United Kingdom

USA United States of America


1

CHAPTER ONE

INTRODUCTION

Background to the Study

Organizations face internal and external forces that call for a strategy

to help them continue to be relevant and competitive in the business

environment (Strickland, 2007). The organisations‟ ability to meet their

objectives with respect to remaining competitive and relevant rests largely on

the policies and strategies as well as the effectiveness of procedures

established to safeguard their operations (Kaplan, 2007). Originating from the

agency theory and buttressed by the contingency theory are internal control

systems (ICS) which ensure effective management of resources in addition to

effective and efficient operations (Jokipii, 2009). Owing to the changing

competitive surroundings, the extent to which ICS of organisations must be

extensively structured to safeguard continuous increase in returns has become

obvious (Ndungu, 2013).

ICS are systems made up of procedures and policies that help to

safeguard a company‟s assets, provide trustworthy financial reporting,

enhance compliance with rules and regulations and achieve efficient and

effective operations (Omani-Antwi, 2009). These systems of procedures and

policies, according to Gray and Manson (2011) are usually associated with

internal and external communication processes of an organisation, as well as

procedures for managing corporate finance, the preparation of accurate and

reliable financial reports on a timely manner, and the maintenance of

inventory records and properties.


2

The framework for internal control systems developed by the

Committee of Sponsoring Organization of Treadway Commission (COSO)

argue that every sound system of internal control must have five components

namely: control environment, risk assessment, control activities, information

and communication and monitoring of internal control (COSO, 1994).

According to Pickett (2010), these components interact among each other,

forming an integrated system that reacts dynamically to changing conditions.

In essence, the ICS is intertwined with the entity‟s operating activities and is

fundamental to the successful operation of the enterprise (Steinberg, 2011).

Theoretically, the positive association between the variables of internal

control systems and performance is firmly grounded in the agency theory. As

advocated by Sharma (1997), the agency theory is based on the assumption of

separation of ownership and control wherein managers are autonomous and

are likely to increase their personal gains at the expense of owners. For this

reason, the agency theory stresses that in order to align managers‟ interests

with those of the organization, firms implement management control systems,

which consist of various control mechanisms, including, monitoring systems,

and internal controls to resolve goal conflicts (Zimmerman, 2011).

The proponents of the contingency theory, on the other hand, posit that

the best way to organize a firm is contingent on the environment in which it

functions (Richard, 1992). Thus according to the contingency theory, a

company would achieve its goals when it is organized based on the

environment in which it relates (Richard, 2003). Consistent with COSO

(1994), the contingency theory claims that different kinds of controls should

be put in place to accomplish different objectives while considering the


3

business environment so as to achieve performance targets (Chenhall, 2003;

Jokipii, 2009; Luft & Shields, 2003).

From the empirical perspective, the positive relationship between the

COSO internal control systems variables and performance is not quite clear.

Muraleetharan (2011) posits that internal control-performance relationship is

influenced by some but not all of the internal control systems variables.

According to Muraleetharan, risk assessment, control activities as well as

monitoring of the COSO framework for internal control variables influence

the positive link, while the relationship using control environment and

information and communication fails to lend itself to prediction. On the

contrary, results from Njeri (2014) have revealed that all elements except

information and communication of the COSO framework of internal control

systems predict the positive relationship.

To augment the findings of Muraleetharan (2011) and Njeri (2014),

results from Europe on the study of enterprise risk management and

performance have shown a negative relationship between high levels of

enterprise risk management and performance (Eikenhout, 2015). Per these

findings, the relationship between the elements of internal control and

performance is not quite clear. To add to the foregoing discussion, the

literature on ICS lacks studies on the conditions of ICS and performance as

well as differences in the components of internal control systems.

Performance measures have been viewed from several perspectives by

academic and professional researchers. Bourne, Neely, Mills and Platts (2003)

define performance measurement as metrics used to quantify and compute an

action‟s efficiency and effectiveness. Performance assessment, according to


4

Smith (2005), could be financial or non-financial. Financial performance

measures are those which use financial performance indicators such as profit

margin, return on assets and return on equity in measuring organisational

performance. Non-financial performance measures, on the other hand, rely on

performance indicators that are non-financial such as quality of service,

resource utilisation, innovation and competitive performance (Epstein, &

Manzoni, 2010).

Globally, ICS are important to the performance of the insurance

industry since they play critical roles in any economy (Committee of European

Insurance and Occupational Pensions Supervisors [CEIOPS], 2003). In view

of its significance in insurance undertakings, the Conference of European

Insurance Supervisors (CEIS) agreed, during its 118th Session, to create a

working group with the task of bringing into being a framework on ICS for the

insurance sector (CEIOPS, 2003). To argue further, the inspection manual of

the Japanese Insurance Authority [JIA] (2012) also maintains that directors

must develop a befitting system to secure the sound and appropriate

management of the insurance company‟s business. This means that ICS are

paramount to the performance of the insurance industry in the global world.

The performance of both private and public institutions in Ghana also

depends largely on sound systems of internal control. To buttress this point,

the then president of Ghana, Mr. J.A. Kuffour, being aware of the impact of

internal control on performance, urged all public sector chief executives to

develop and implement effective internal control systems at the second annual

internal auditors‟ forum organised by the Internal Audit Agency (IAA) in

Accra in 2007 (Ekow, 2007).


5

A case in point is the performance of companies in the Ghanaian

insurance industry, one of the thriving industries with huge potential for

growth (PwcGhana, 2006). Being mindful of the importance of ICS in the

industry, the National Insurance Commission [NIC] (2010) stated in its annual

report that the commission is preparing to issue a corporate governance and

risk management code to guide industrial players in building sound and

effective governance and risk management structures. According to NIC, the

risk management code which will have principles on internal controls will

bring significant improvement to the financial soundness, stability and

profitability of the industry.

In Ghana, companies in the insurance industry are incorporated by

legislation to undertake operations in one of the following: life, non-life,

reinsurance, brokerage, lost adjuster, reinsurance brokerage and oil and gas

(NIC, 2014). By the end of January 2014, the insurance sector in Ghana,

according to insureGhana.com (2014), comprised 19 life insurance companies,

26 non-life insurance companies, 2 reinsurance companies, 63 brokerage

companies, 1 loss adjuster, and 1 reinsurance brokerage and 1 oil and gas

company. These companies are regulated by the Insurance Act in Ghana.

The Insurance Acts 2006, Act 724, which serves as the rules and

regulations for governing the activities of companies in the insurance sector,

complies significantly with the International Association of Insurance

Supervisors (IAIS) Core Principles, and gives better regulatory powers to the

National Insurance Commission, the regulatory body of the industry. The

object of the Commission, as detailed in Act 724 is to ensure effective

administration, supervision, regulation and control the business of insurance in


6

Ghana. The NIC requires companies in the sector to adopt good corporate

governance practices and effective risk management strategies.

Statement of the Problem

In the ambiance of the globalization of business operations and the

increasing use of information technologies, complexities of business

transactions, and business risk, the role of internal controls as a corporate

governance mechanism is becoming increasingly important (Jovanović &

Ljubisavljević, 2011). This is because in one of the earliest contributions,

Bastia (2008) maintained that the management of the complexities following

globalization increased the need for adequate internal control systems which in

turn control risks as well as pursue business performance.

Drawing on the agency theory, ICS play a vital role in enhancing the

performance of institutions (Ahiabor & Mensah, 2013). Due to the sensitivity

and crucial role of ICS, researchers have strived to evaluate its consequence

on firm performance (Ejoh & Ejom, 2014; Mawanda, 2008; Muraleetharan,

2011; Noel, 2010; Oyoo, 2014; Simangunsong, 2014). Nonetheless, some of

these studies are limited in scope in terms of choice of internal control

dimensions used. For instance, Noel employed two components, while

Mawanda and Oyoo used three out of the five variables of COSO framework

of internal control systems. This makes their findings not comprehensive for

decision making purposes and often generated weaker R-square. This is

because COSO posits that for ICS to be effective, all five elements must work

together in an inter-related and coordinated manner.

On the other hand, the known comprehensive studies in the accounting

literature are very difficult to follow for the reason that they have yielded


7

different results (Muraleetharan, 2011; Widyaningsih, 2014). While the study

of Muraleetharan revealed that risk assessment, control activities in addition to

monitoring influence the positive association between internal controls and

performance, Widyaningsih on the other hand submits that control

environment, control activities and monitoring predict the positive

relationship.

In addition, some of the existing studies on internal controls such as

Dineshkumar and Kogulacumar (2012), Chebungwen and Kwasira (2014) and

Ejoh and Ejom (2014) also suffer methodological weaknesses. These

researchers focused on examining how internal controls influence performance

but used only correlation method which makes their results and findings

inconclusive. This is because correlation, according to Fink (2013), is

appropriate to estimate associations or relationships between variables and not

the extent of one variable causing or predicting the outcome of the other.

Similarly, there are few known studies that have been conducted in

Ghana regarding internal control systems. These works including Gyebi and

Quain (2013) and Nkuah, Tanyeh and Asante (2013) were geared towards

companies other than those in the Ghanaian insurance sector. Furthermore, the

very few works geared towards the insurance industry in Ghana, including

Oscar-Akotey, Sackey, Amoah, and Frimpong-Manso‟s (2013) and Boadi,

Antwi and Lartey‟s (2013) focused on financial performance of life insurance

companies in Ghana and the determinants of profitability of insurance firms in

Ghana respectively. To add to the foregoing discussion, the literature on ICS

lacks studies on the conditions of ICS and performance as well as differences

in the components of internal control systems.


8

The implication of the above discussion is that a gap exists in the

literature concerning the effect of ICS on the performance of companies in the

insurance industry, conditions of ICS and performance and differences in the

ICS components among the companies in the industry. This is because,

notwithstanding the importance of internal controls to the performance of

organisations (Njeri 2014), there is no known study that has looked at the

influence of internal control systems on the performance of companies in the

insurance sector in Ghana. Therefore in a bid to fill this gap and add to the

existing body of knowledge, the researcher examines the effects of the five

elements of internal control systems on the performance of companies in the

insurance sector in Ghana.

Objective of the Study

The general objective of this study was to examine the effect of

internal control systems on the performance of companies in the insurance

industry in Ghana.

Specifically, the study sought to:

1. Assess the condition of internal control systems and performance of

companies in the insurance industry in Ghana.

2. Investigate whether there are significant differences in the internal

control systems of companies in the Ghanaian insurance industry.

3. Examine the effect of internal control systems on performance of

companies in the insurance industry.


9

Research Question

The following research question was set to achieve objective one of the study.

1. What are the conditions of internal control systems and performance of

companies in the Ghanaian insurance industry?

Hypotheses

In order to achieve objective 2 and 3, the following research

hypotheses were formulated. The null hypotheses 1 and 2 relate to objective 2

and 3 respectively.

H1: There are no significant differences in the internal control variables

across the various categories of companies in the Ghanaian insurance

industry.

H2: Internal control systems have no significant effect on the performance

of companies in the Ghanaian insurance industry.

Significance of the Study

This study is vital in that it offers a knowledge contribution and a

policy contribution. It will significantly serve as literature that would add to

academic knowledge in the area of internal control systems for companies in

the insurance industry in Ghana. It will also provide intuitions to support

future research regarding internal control systems for companies in this sector.

This is because to the best of the researcher‟s knowledge there has not been

any prior study on the effect of internal control systems on performance of

companies in the Ghanaian insurance sector.

As for the policy contribution, the owners and management of

companies in the Ghanaian insurance industry can resort to the findings and


10

recommendations of the study to create or redefine effective internal control

systems that will help the companies to achieve their performance target. It

will also help the policy makers in the industry to formulate appropriate

policies that will enhance growth in the insurance industry in the country.

Delimitation

This study concentrated on the effect of internal control systems on

performance of companies in the Ghanaian insurance industry. For the

purpose of the study, internal control systems comprised the five elements of

the integrated framework of internal control systems designed by COSO.

These elements include control environment, risk assessment, control

activities, information and communication and monitoring. The effect of other

variables such as internal audit was not considered.

The population consisted of life insurance, non-life insurance,

reinsurance, brokerage, reinsurance brokerage, lost adjuster and oil and gas

companies licensed to operate in the Ghanaian insurance industry for the year

2014. The study also considered the differences among the internal controls

and performance of the various categories of companies in the insurance

industry in Ghana. In addition, the effect of the explaining variables was

assessed for only 2014 calendar year. This is because as at 2014, there was no

known research that had looked at the effect of internal controls on the

performance of companies in the Ghanaian insurance industry.

The performance measures were selected based on the building block

model designed by Fiztgerald and Moon (1996). They included financial

performance measures and non-financial measures. The financial measures

focused on return on assets and liquidity. Of the two, the non-financial


11

performance measures included customer base, quality of service, flexibility,

resource utilisation and innovation. Stock market performance measures were

however not considered since most of the firms are not listed on the stock

exchange. Therefore, the study should be viewed as such.

Limitations

Data collected on internal control systems and performances were

based on personal assessment due to the need to combine the different units of

performance. The instrument used the five COSO variables in capturing

internal control. Other measure of internal control such as internal audit was

excluded. Performance measures adopted Fitzgerald and Moon‟s (1996)

measures of performance. Control variables were not included because the

effects of other variables were captured in the error term.

Definition of Terms

Internal control systems

Internal control systems are processes effected by an entity's board of

directors, management and other personnel, designed to provide reasonable

assurance regarding the achievement of objectives with respect to

effectiveness and efficiency of operations, reliability of financial reporting and

compliance with applicable laws and regulations. It comprises control

environment, risk assessment, control activities, information and

communication and monitoring.

Firm performance

Firm performance denotes companies‟ respondents personal

assessment of their company‟s efficiency and effectiveness in ensuring the


12

achievement of organisational goals. It covers financial and non-financial

performance indicators of the building block model developed by Fiztgerald

and Moon (1996) for measuring firm performance in the service industry. The

financial indicators are return on asset and liquidity. The non-financial

indicators also capture customer base, quality of service, flexibility, resource

utilisation and innovation.

Companies in the Ghanaian insurance industry

Companies in the Ghanaian insurance industry refer to all companies

in the insurance sector. It encompasses life insurance, non-life insurance,

reinsurance, oil and gas, brokerage, reinsurance brokerage, and lost adjuster

companies.

Organisation of the Study

This thesis is organised into five chapters. Chapter one presents the

general introduction. This chapter covers background to the study, statement

of the problem, objectives of the study, research hypotheses, delimitation,

significance of the study, definition of terms and the organisation of the study.

The review of related literature forms the second chapter. The chapter two

presents the introduction, evolution of internal control systems, theoretical

review, conceptual issues, empirical review, lessons learnt and knowledge gap

as well as the conceptual framework.

The methodology is also presented as the third chapter. The chapter

specifically presents the introduction, the study area, population, sampling

procedures, data collection, measurement instrument, pre-test and data

analysis techniques. Chapter four presents the results and discussions. It


13

analyses the results and presents the major findings from the study. The

summary, conclusions and recommendations is the last chapter.


14

CHAPTER TWO

LITERATURE REVIEW

Introduction

This chapter reviews literature on the theoretical basis of the study as

well as the conceptual issues emanating from the theories. Some empirical

studies on the subject are also reviewed. The literature review provides the

context for the research, recognizing where the study fits into the existing

body of knowledge (Boote & Beile, 2005). It shares with the reader the results

of similar studies that are closely related to the one being undertaken. The

literature review also relates the study to the on-going dialogue in the

literature, filling in gaps and extending prior studies (Cooper, 2010; Marshall

& Rossman, 2011).

Prior to the review of the theories underpinning the study, a brief

evolution of internal control systems is discussed. A review of conceptual

issues originating from the theories along with empirical studies is then

considered. Issues and lessons learnt from the review are also discussed, upon

which the conceptual framework for the study is constructed.

Evolution of Internal Control Systems

The repercussions of the stock market crash, in 1929, led to the

enactment of the Security Acts, 1933 and the Securities Exchange Acts, 1934

with the former relating to internal control systems and audit procedures in the

United States of America (USA) (Wegman, 2008). Furthermore, the National

Commission on fraudulent Financial Reporting known as the Treadway

Commission was sponsored in the 1980‟s by the American Institute of

Certified Public Accountants (AICPA), the American Accounting Association


15

(AAA), the Institute of Internal Auditors (IIA), the Institute of Management

Accountants (IMA) and the Financial Executives Institute (FEI) to develop a

framework for evaluating the effectiveness of internal control systems

(Moeller, 2011).

In order to develop the framework, Norfolk (2011) submits that a

committee known as the Committee of Sponsoring Organisation (COSO) was

then formed by the Treadway Commission to research on internal control

systems. This Committee in 1992 issued the Integrated Framework for internal

control systems. Equally, the Cadbury report which served as the UK‟s first

corporate governance code was also issued in 1992 (Jordan, 2012). This report

which emphasized how companies ought to be directed and controlled was

first published with particular attention on the financial aspects of corporate

governance and has become the foundation of corporate governance systems

worldwide (Kaplan, 2012).

In 1995, another committee known as the Greenbury Committee was

formed to investigate shareholder concerns over directors‟ remuneration. This

committee, according to Norfolk (2011), came up with a report which

contributed to the existing code regarding directors‟ remuneration. The report

centred on providing a means of establishing a balance between salary and

performance in order to restore shareholders‟ confidence (Doucouliagos,

Haman, & Stanley, 2012; Kaplan, 2013). In 1998, the combined code which

represented the consolidation of the Cadbury, Greenbury (1995) and the

Hampel reports was issued.

Additionally, the Turnbull report was also issued in 1999. This report

provided guidance to companies on how to implement the requirements


16

relating to internal controls. As indicated by Kaplan (2013), the report

improved upon the guidance on internal control systems by asserting that the

board of directors should adopt a risk-based approach to establish sound

systems of internal control and report on its effectiveness on a regular basis.

Subsequently, the Sarbanes-Oxley Act (SOX) was passed in the United State

of America (USA). The SOX was in response to the global corporate and

accounting scandals which affected Enron Corporation, Tyco, WorldCom and

others (Coalson, 2014).

Following the Sarbanes-Oxley Act was the Smith‟s report in 2003,

which suggested roles and duties for audit committees and the relationship that

ought to exist between the auditors and the company. Similarly, the revised

combined code (2003) which reflects both the SOX and the Higgs‟ Report –

UK (2003) was also issued to govern how organisations should be directed

and controlled. As pointed out by Norfolk (2011), the Higgs‟ review focused

on the role and effectiveness of non-executive directors in implementing of

good corporate governance.

A brief evolution of internal control systems and the reasons why it

came into being have been discussed. The next section focuses on postulations

or theories which back the effect of internal control systems on performance of

companies in the Ghanaian insurance industry.

Theoretical Framework

The theoretical foundation of this study opens with the agency theory.

It continues with the contingency theory of organisations. These theories are

pertinent in explaining firm performance. The agency theory focuses on

principal-agent relationship and how to resolve the problems emanating from


17

such relationship. The contingency theory relates to how an organisation could

be organised in order to enhance firm performance.

Agency Theory (AT)

The agency theory addresses the best way to organize relationships

wherein one party, the shareholder or the principal defines the work whereas

another party, the manager or the agent performs the work (Connelly,

Hoskisson, Tihanyi, & Certo, 2010; Eisenhardt, 1989; Jensen & Meckling,

1976). In this relationship, the principal employs an agent to perform a task, or

to do the work that the principal is unwilling or unable to do. For instance, in

companies the principals are the shareholders of the company, entrusting the

agent - board of directors to carry out tasks on their behalf. This implies that

the assumptions of the agency theory are based on preferences and motives

behind human behaviour (Sarens & Abdolmohammadi, 2011).

According to Pratt and Zeckhauser (1985), the separation of ownership

from management could result in likely goal conflicts between agent and

principal. The theory further posits that the agents are autonomous and are

prone to increasing their personal gains at the detriment of principals (Sharma,

1997). This connotes that different people would have different motives and

would make every effort to achieve those motives (Koch, Ostner, Peisker &

Schülke, 2009). Similarly, the agency theory postulates that both the agent and

the principal are influenced by self-interest and thus, may not act in

accordance with each other‟s interest (Jensen & Meckling, 1976).

The agency theory, according to Arnold and De Lange (2004) and

Miller (2005), also assumes that problem of information asymmetry may exist

between the agent and the principal due to the separation of ownership from


18

control. Information asymmetry arises when one faction to a transaction has

superior information compared to the other (Lang, 2006). Generally, the

agents are better informed about the day to day management of the firm than

the principals (Eilifsen, Messier, Glover & Prawitt, 2006). Therefore, the

theory argues that as a result of information asymmetry and self- interest of

agents, principals lack reasons to trust that agents will act in their best interest

(Bonazzi, & Islam, 2007; Lan, & Heracleous, 2010). Where such an alignment

between the agents actions and the principals interest fails to meet, agency loss

occurs which in turn run down organisational performance.

In contribution, Asare (2006) explains that to reduce the potential

agency loss, the principal tasks those charged with governance to design and

implement internal controls purposely to achieve organisational objectives. In

a similar link, Zimmerman (2011) asserts that to reduce the agency cost,

management interest ought to be aligned with those of the organisation

through the implementation of management controls such as monitoring

systems and internal controls. In furtherance, El-Mahdy and Park (2013)

maintain that strong internal mechanisms align the interests of agents with

principals and minimize the scope for information asymmetries and

opportunistic behaviour, hence stimulating frim performance. This suggests

that effective internal control positively affects performance when it induces

managers to undertake activities that enhance the interest of shareholders.

Although Arwinge (2013) agrees with the role of internal controls in

reducing agency cost and improving performance, Arwinge stresses that the

mere design or installation of internal control systems does not minimize

agency cost. Arwinge argues that the important aspect is the commitment to


19

implementation by those responsible. Equally, COSO (2013) and Gyasi (2013)

claim that it is the effective design and implementation of internal control

systems that enhances overall performance. Thus, only effective internal

control systems help organizations achieve their operational, financial

reporting and compliance objectives.

By the same token, the theoretical reviews of the agency theory and its

assumptions have been tested empirically. For instance, Cao Thi Thanh and

Cheung (2010) relied on the agency theory to test the quality of internal

control reporting and the quality of accounting. They observed that quality

internal controls minimize information asymmetry through quality reporting.

Quality internal controls enhance transparency in reporting and reduce agency

cost. Since agency cost depletes returns, it contributes positively to

performance when reduced. Similarly, Njeri (2014) used the agency theory as

one of the theories in studying the effect of internal controls on the

performance of manufacturing firms in Kenya.

Notwithstanding the theoretical arguments provided by the agency

theory on the effect of internal control on firm performance, critics have

questioned some of its assumptions. Bruce, Buck and Main (2005) have

argued that the self-interest of agents is an extremism assumption. They stress

that self-interest assumption makes goal congruence unrealistic in principal-

agent relationship. Similarly, De T‟Serclaes and Jollands (2007) have argued

that self-interest varieties should not always be considered as negative as

portrayed by the agency theory. They further claimed that the self-interest

could also have positive consequence, stressing that self-interest is inescapable

and that individuals may be motivated by more than just money, since they


20

exhibit needs for achievement, recognition and responsibility. These

exhibitions may positively affect performance of companies.

Critics of the agency theory also argue that the theory pays no attention

to the role of a firm regarding competitive realities, their varying surroundings

and the need to relocate resources within a company so as to keep growing

(Foss, 1999). Also, Lubatkin (2005) argues that the agency theory does not

explain the difficulties of real-world companies. In simple terms, real world

companies expand from shareholders‟ interest to stakeholders‟ concept and

how the business and the concept affect each other.

The agency theory, its underlying assumptions, criticisms and how the

theory impacts on business performance through the installation and

implementation of internal control systems have been discussed. The next

section opens with the contingency theory which transcends the agency theory

to explain how organisations can structure their internal control systems to suit

contingency circumstances so as to boost the effectiveness of control systems

and performance.

Contingency Theory (CT)

The contingency theory, according to Drazin and Van de Ven (1985)

and Scott (1992), suggest that the optimal way in which a company could be

organised is contingent or dependent on the kind of environment in which the

company operates. The followers of the contingency theory assert that the

theory is based on two assumptions. First, it assumes that no strategy is

considered “universally superior” (Bergeron, Raymond & Rivard, 2001;

Venkatraman, 1989), and there is no one best way in which a company could

be organized (Donaldson, 2001). Of the second assumption, the theory


21

postulates that the choice of approach, structure or control system depends on

the contingency circumstances such as the environment, risk profile, strategy,

size, the organisational structure and best activities at hand (Chenhall, 2003;

Donaldson, 2006; Richard, 2003).

Concerning the second assumption, Macintosh (1994), Hoque and

James (2000), Chenhall (2003) and Pfister (2009) explain that for an

organisation to perform well and achieve its corporate goals, the structure as

well as the context of the organisation must match or fit each other. To

buttress this argument, Jokipii (2009) points out that several frameworks

namely the COSO and Criteria of Control (CoCo) assume the need for

dissimilar organisations to have different internal control systems based on

their contingency characteristics. This view is analogous with the contingency

theory which contends that each organisation has to choose the most

appropriate control system by taking into account contingency characteristics

(Fisher, 1995; Luft & Shields, 2003; Jokipii, 2009).

It is clear from the foregoing that two organisations should not

necessarily have similar internal control systems unless the organisations are

identical. Thus the need for and specifics of internal control systems may vary

in organizational contexts. This argument presented in the internal control

systems framework (COSO 1994, p. 18) is parallel to the contingency theory.

Drazin and Van de Ven (1985) and Donaldson (2006) note that the „match‟

also known as „fit‟ is the drive that stimulates performance. It implies that

successfully adapting control systems to suit organisation‟s contingency

characteristics result in effective internal control systems and better

organisational performance (Pock, 2007).


22

In furtherance, some elements of the contingency theory are related to

the components of internal control systems. This denotes that first and

foremost, there is a link between the structure of internal control systems and

contingency characteristics which define the structure of internal control

(Donaldson, 2006). For this reason, changes in contingency factors imply

changes to the structure of internal control systems so as to enhance its

effectiveness, hence organisational performance (Dropulić, 2013).

Specifically, the contingency theory puts forward that companies are

not closed systems which could be structured without considering

environmental characteristics and the manner in which they affect the

company (Jokipii, 2006). Jopkpii explained that to improve and maintain

performance, firms ought to continually assess the risk of interaction with the

environment, monitoring processes and the commitment of the organisation to

such contingencies. This suggests that internal control as part of organisational

structure or design is not static. Additionally, Eriksson-Zetterquist, Müllern,

and Styhre (2011) suggest that the theory helps to relax the idea that the only

best way to organize a company is meeting shareholders‟ goal as suggested by

the agency theory.

Equally, the implication of fit and misfit between the structure and the

contingency variables on business performance enables managers to gain

proper insight as to why continual changes ought to be made to organizational

design when contingencies features keep changing (Gerdin & Greve, 2004).

Donaldson (2006) further opines that when companies either intensify the

extent of the internal control implementation or review of the controls, they


23

keep on minimizing the misfit to quasi-misfit and ultimately enhance

performance.

Although the contingency theory is well pronounced in establishing

links between internal control system and performance (Donaldson, 2001;

Islam & Hu, 2012; Pock, 2007), critics of this theory have cited that an

organization does not necessarily have to adapt to the external environment

(Hodges & Gill, 2014). They argued that it is not always prudent for

companies to attain a fit with their contingencies because, as the company

changes its structure to match the existing contingencies, the contingencies

also keep changing, and thus, the change in structure of the organization

would not deliver the desired fit. As a result, the company may not achieve

full fit, but a pseudo fit, a structure that fits the contingencies just partially and

not fully. The next segment focuses on the conceptual issues.

Conceptual Issues and Study Variables

This section discusses the variables and conceptual issues that

originate from the theories as they relate to the research. The delineation and

element of each variable are also discussed in this section. The section

comprises discussions on the five components of internal control systems,

namely; the control environment, risk assessment, control activities,

information and communication, and monitoring.

Internal Control Systems (ICS)

Internal control systems refer to the combined methods, plans and

procedures which safeguard the assets of a firm enhance financial and

operational performance as well as foster observance of policies that are


24

prescribed (Hopkin, 2012). In a different viewpoint, Ndungu (2013) defines

internal control systems as set of organizational procedures and policies that

ensure that all transactions are processed in the proper way in order to avoid

theft, waste and misuse of an organisation‟s resources.

Similarly, several others such as Cunningham (2004), International

Organization of Supreme Audit Institutions [INTOSAI] (2004), Kaplan (2008)

and COSO (2013) are of the view that internal control systems are processes

put in place by the management, board of directors and other personnel of an

entity, to offer reasonable assurance as regard the realization of organizational

objectives. These objectives comprise efficiency and effectiveness of

operations, trustworthiness of management and financial reporting, observance

of applicable regulations and laws, as well as the safeguard of an entity‟s

reputation. As stated by Cunningham (2004), internal control systems come

into being as internal processes purposely to help a corporation to achieve its

set objectives.

According to the International Federation of Accountants [IFAC]

(2006), COSO‟s Integrated Framework for Internal Control (1992) and the

Turnbull‟s Guidance on Internal Control (1999) took a much broader approach

to internal controls than Sarbanes-Oxley, in terms of scope, objectives and

approach. They focused on a risk-based approach to internal controls by

adopting controls covering the company‟s entire range of activities or

operations, and not just those directly related to financial reporting (Moeller,

2013).

A critical evaluation of the above definitions and descriptions point out

that the purposes of internal controls are to enhance better operational


25

efficiency and financial reporting of organisations (COSO, 1992). It is also

evident from these definitions that internal controls affect all facet of an

organisation and is therefore thought of as the responsibility of management,

board of directors and other personnel in an organisation (Adams, Grose,

Leeson & Hamilton, 2004).

Internal control systems, according to Udu (2006), can be classified

into detective, preventive, directive and corrective or compensating controls.

These functions purport to minimize material errors, omissions, wastes,

malicious acts and frauds which in turn ruin firm performance (Singleton &

Singleton, 2010). COSO (2013) further accentuated that for internal control

systems to detect, prevent and correct material misstatement or perform its

function of providing reasonable assurance that performance targets will be

achieved, the systems must be embedded in the day to day activities of

corporate organisations.

The COSO framework of internal control segregates the internal

control systems into five dimensions namely: control environment, control

activities, risk assessment, information and communication, and monitoring

activities (Arwinge, 2013; COSO, 2013). This framework has been an

illustrious framework of internal control and has been adopted by several

organisations, including the World Bank and World Health Organisation. The

components are depicted in Figure 1.


26

Figure 1: COSO Internal Control Integrated Framework

Source: COSO, 2013

Monitoring: On-going or separate Monitoring and Reporting deficiencies

Control Activities:

Selection & Development of

Control Activities, Control

over Technology and

Policies & Procedures

Risk Assessment:

Specifying Objective, Risk

Identification, Risk Assessment and

Risk Response

Control Environment: Board Oversight, Integrity & Ethical values, Structure,

Authorities & Responsibilities, Human Resources Polices

& Practices and Accountability


27

Control Environment (CE)

Control environment has been defined in various ways by researchers.

Ramos (2004) believes that control environment is the foundation of the

internal control systems and it sets the tone at the top, influencing the control

consciousness of all staffs of an organization. As indicated by Jokipii (2006),

control environment is the style, philosophy, and supportive attitude, in

addition to the ethical values, competence, morale and integrity of those

involved with the organization. Similarly, Whittington and Pany (2006) refer

to control environment as that aspect of internal control that offers the

structure and discipline for the realization of the main objectives of internal

control systems in addition to the climate which affects the entire quality of

the systems of internal control.

From the above descriptions, control environment relates to the

management and other key staff who make decisions in an organisation

reflecting their philosophy and style. Equally, control environment from the

foregoing is influenced by the culture of organization and has a way of

impacting on the manner in which an organisation‟s activities are structured

(Ndugu, 2013). Therefore, for an organisation to achieve its goals,

management, board of directors and other key personnel ought to uphold good

ethical values and integrity (Kaplan, 2013).

In view of the literature on control systems, control environment

comprises key dimensions. However, the number of these dimensions is

subject to debates. For instance, Gyasi (2013), operationalizes control

environment and limits it to three dimensions namely, philosophy and

operating style of the directors and management, the entity‟s organisational


28

structure and methods of assigning authority and responsibility as well as

directors‟ methods of imposing control including internal audit function. On

the other hand, COSO (2013) posits in the updated internal control framework

that control environment dimensions include board oversight, integrity and

ethical values, structure, authorities and responsibilities, human resources

policies and practices, and accountability.

In November, 2013, World Health Organisation (WHO) also adopted

COSO‟s internal control framework and introduced an additional dimension

known as strategic direction. Nevertheless, CE dimensions provided by COSO

internal control framework remain consistently applied in the literature. Board

oversight refers to executive board structure that exists to demonstrate board

independence from management and exercises oversight for the development

and performance of internal control (COSO, 2013). This description of board

oversight remains the authoritative definition for this dimension in assessing

control environment (WHO, 2013).

Integrity and ethical values, according to Trainor (2007), involves

board strategy of setting examples regarding ethical behaviour to serve as the

standard of measure within the entire organisation. In this wise, Hayes, Dassen

Schilder and Wallage (2005) assert that this dimension measures the standards

of ethical behaviour which exists and processes which are in place to

encourage staff to fulfil their duties with integrity. These descriptions given to

the second dimension of control environment align with both the earlier

version in 1992 and the updated version of 2013 COSO framework for internal

control systems.


29

Similarly, structure, authorities and responsibilities as CE dimension

converge around responsibilities, delegation of assignment and establishment

of policies to support the objectives of organisations (Omane-Antwi, 2009).

Furthermore, the human resources‟ policies and practices dimension,

according to Kaplan (2013), measure the policies and procedures designed and

implemented by an organisation to attract, develop and retain talents in

support of the organisation‟s objectives including policies and practices for

managing performance.

Accountability dimension under CE refers to the extent to which

organisations put in place policies and procedures to hold members

accountable for their internal control responsibilities (COSO, 2011). The

essence of accountability is to minimise misuse of resources and control sense

of entitlement among members of the organisation (COSO, 2013).

Consequently, Gyasi (2013) points out that when the control environment is

strong, the organisation achieves favourable performance and commitment to

growth is enhanced.

Risk Assessment (RA)

Sudsomboon and Ussahawanitchakit (2009) define risk assessment as

the identification and analysis of management relevant risk to the preparation

of financial statements. In a different perspective, Theofanis, Drogalas and

Giovanis (2011) claim that risk assessment is the process of discovery and

evaluating risks to the realization of an organization‟s objectives. Risk

assessment process forms part of the internal control components. As noted by

Kaplan (2013), risk assessment has to be systematic and embedded in the

procedures and operations of an entity.


30

According to Woolf (2013), in order for corporate organisations to

identify and evaluate controllable and non-controllable risks that affect

operations on a timely manner, risk assessment must be conducted on an on-

going basis. Controllable risks are those risks which procedures of internal

mechanism can reduce or eliminate while uncontrollable risks are risks that

result from the environment in which the organization operates and cannot be

reduced (Davies & Aston, 2010). Like the control environment, the risk

assessment process also has some dimensions (COSO, 2013; Kaplan, 2008;

WHO, 2013).

Although internal control experts believe the existence of different

dimensions to risk assessment process, there is no common agreed measure of

these dimensions. For instance, researchers such as Kaplan (2008) and Gyasi

(2013) articulate the dimensions as entity-wide objectives, activity-level

objectives, risks and managing change. On the other hand, experts including

COSO (1992, 2011, 2013) and WHO (2013) also classify risk assessment

process into four dimensions, namely specifying objectives, risk identification

and prioritization, change management and risk response. This framework

remains the consistently applied internal control principles (Ndungu, 2013).

Specifying objectives involves stating organisational objectives with

sufficient clarity to enable the identification and assessment of risks relating to

objectives (COSO, 2013; WHO, 2013). Also, COSO and WHO explained that

the risk identification and prioritisation dimension involves, identifying and

analysing risks across the organisation for the purpose of determining how to

respond to those risks. Regarding change management, it relates to how

management promotes continuous improvement and solicits inputs and


31

feedback on the implication of significant change (Moeller, 2013). Finally,

according to COSO and WHO, once the potential significance of the risk has

been assessed, management considers how the risk should be managed and

this is the risk response dimension.

According to Kaplan (2008), an effective design and implementation

of risk assessment process would enhance corporate performance. Sayior

(2010) adds that the consequence of an effective risk assessment process on

performance is obvious because risk assessment forms the basis for

determining where internal control activities are needed. According to Saiyor,

risk assessment enables an organization to focus on those risks that will impact

on the overall success of the firm. This connotes that an effective risk

assessment process in the insurance industry will aid industrial players in their

risk identification and assessment so as to respond to risks to the achievement

of performance target through the design and implementation of a risk

management programme. This will minimize uncertainty and ultimately

improve industrial performance.

Control Activities (CA)

The Committee of European Insurance and Occupational Pensions

Supervisors [CEIOPS] (2003) defines control activities as measures that help

ensure that necessary actions are taken to address risks to the achievement of

an entity‟s objectives. According to CEIOPS, control activities include

policies governing underwriting policy, fulfilment of the solvency requirement

as well as information systems. Similarly, Kaplan (2008) notes that control

activities consist of procedures, policies, and systems which ensure that

management directives and controls over financial reporting are carried out.


32

WHO (2013) also contends that control activities are the actions that are

established through policies and procedures to help ensure that management‟s

directives to manage risks and achieve objectives are carried out, including the

use of technology to conduct business activities.

Critical scrutiny of the above explanations, stipulates that control

activities are made up of policies and procedures. Control activities

dimensions, according to Arwing (2013), could be preventive, detective, or a

combination of both. In a different perspective, COSO (2013) describes

control activities dimensions as the selection and development of control

activities, general control activities over technology and policies and

procedures.

Selection and development of control activities refer to the selection

and design of control activities to manage business risk, taking into

consideration the operational environment (COSO, 2013). General control

activities over technology reflect developing controls to ensure integrity of

information systems as well as control access to information systems. Of the

three, policies and procedures relate to written policies and procedures that

establish what an organisation requires from its staff (Moeller, 2013; Shim,

2011). These policies and procedures, according to COSO as cited by Njeri

(2014), are built into the business processes which support quality and

empowerment initiatives, avoid unnecessary costs and enable quick response

to changing conditions. This infers that where an organisation builds into its

business process strong control activities, performance levels are enhanced.


33

Information and Communication (IC)

The information and communication constituent of internal control is

made up of information system and communication (INTOSAI, 2004).

Communication systems denote methods and channels that organizations

adopt to convey essential information, directives and policies (INTOSAI,

2004; Shim 2011). Of importance is the fact that, for communication systems

to be effective, information must flow up, down and across the organization by

means of identifying, capturing and passing on pertinent information in a

timely manner to responsible parties to take appropriate action. Similarly, in a

former contribution, Noel (2010) maintains that surrounding the activities of

control environment are systems of information and communication that allow

the people of the organization to pick up and interchange the information

required to control, manage and conduct its operations.

CEIOPS (2003) notes that for an organisation to ensure a successful

insurance undertaking, information must be accurate, relevant and reliable in

order to ensure that accounting systems properly identify, assemble, analyse,

classify, record and report the entity‟s transactions. The response from this

communication enables the board of directors and management to assess how

well the internal control is functioning (Shim, 2011). Consequently,

information and communication are necessary for achieving the organization‟s

objectives since they support the functioning of the other components of ICS.

However, weaknesses in the information and communication may render the

other components ineffective and may cause wastes of resources and clients‟

dissatisfaction (COSO, 2011).


34

Monitoring of Controls (MC)

The last component of the internal control system is monitoring. A

crucial aspect of any complete system of internal controls is regularly

monitoring how effective the internal controls are, in order to find out whether

or not they are properly designed and also functioning (Treba, 2003).

Monitoring, according to DiNapoli (2007), is the review of an organization's

activities and transactions to assess the quality of performance over time and

to determine whether controls are effective. Saiyor (2010) also argues that

monitoring involves the process that evaluates the quality of internal control

system‟s performance with time. Constructs employed in measuring

monitoring, as pointed out by Shim (2011), include on-going monitoring and

separate evaluations by internal auditors.

In a different perspective, COSO (2011) measures the dimensions of

monitoring as on-going and separate evaluations, reporting of deficiencies and

implementing corrective measures. On-going monitoring and separate

evaluations, according to Arwinge (2013) and Johnstone, Gramling and

Rittenbergs (2013), are normally incorporated into the usual, recurring

activities of an organization and it includes routine checks and evaluations by

management to ascertain the effectiveness of control procedures. Reporting

deficiencies and implementing corrective action reflect communicating

irregularities to those responsible for taking corrective action to act upon those

findings at appropriate levels (Moeller, 2013).

From the above discussion, it could be said that the essence of

monitoring systems of internal control is to ensure that the systems are

properly designed and are operating effectively (Whittington & Pany, 2006).


35

This means that organisations regularly need to evaluate the design and

operation of the controls to ascertain whether the internal control components

are effective to mitigate relevant risk to an acceptable level. In essence, Di

Napoli (2007) submits that in order to ensure effective monitoring of internal

control and achieve performance targets, personnel are expected to know and

understand the objectives, mission, and the level of risk tolerance of the

organization, as well as their individual responsibilities.

In the literature, different researchers have used different methods in

measuring the effect of internal control systems on organisational

performance. While some researchers adopt Likert scales to estimate the

influence of internal control systems on performance (2011; Mugo, 2013;

Muraleetharan, 2011; Siayor, 2010), others have used dichotomous scales.

Even though a number of authors have often used Likert scale, the points on

the scale and number of items on the instrument differ considerably. For

instance, while some use 5-point scale, others also use 4-point and 3-point

scales (Muraleetharan, 2011; Siayor, 2010). The summary of the various

components and their respective elements is presented in Table 1.


36

Table 1-Internal Control System and Factor Structure

Components of Internal Control systems

Control Environment -Integrity and ethical values,

-Commitment to competence

-Oversight by those charged with governance

-Management‟s philosophy and operating

style

-Organizational structure

-Assignment of authority and responsibility

-Human resource practices and policies

Risk Assessment Process -Specify objectives

-Identify risks associated with objectives

-Analyse risks and

-Determine risk management program

-Identify, assess and manage change

Control Activities -Policies

-Procedures

Information

&Communication

-Generates relevant information

-Internal communication

-External communication

Monitoring of Controls -Ongoing monitoring

-Separate evaluation/periodic monitoring

-Reporting deficiencies

Source: Author‟s construct from literature


37

The systems of internal control and its components namely control

environment, risk assessment, control activities, information and

communication system as well as monitoring of controls have been discussed.

Different methods of measuring systems of internal control have also been

deliberated on. The next segment concentrates on performance measurement.

Performance Measurement

Neely, Gregory and Platts (2005) define performance measurement as

metrics used to quantify and compute an action‟s efficiency and effectiveness.

In a different viewpoint, performance measures, according to Cheng (2008),

are systems by which organizations monitor their operations and evaluate

whether the organization is attaining its goals. Performance measure, as

indicated by Bhimani, Hongren, Datar and Foster (2008), is central to every

management control system. Effective performance measurement is essential

in ensuring that an organization‟s business strategy is successfully

implemented. The purpose of performance assessment is not only to know

how well a business is performing but also to ensure that the business

performs better so as to help it to serve its customers, employees, owners and

stakeholders (Okwo & Mariri, 2012).

Proper performance measures, according to Dixon, Nanni and

Vollmann (1990), are the measures which enable organizations to focus their

actions on realizing the strategic objectives of the organization. Specifically,

Tangen (2003) posits that performance measures are metrics employed to

quantify the effectiveness and efficiency of organisational action. Bourne,

Neely, Mills and Platts (2003) also believe that these explanations are precise

but fail to convey the notion labelled in present-day literature and in practice


38

as performance measurement. According to Bourne et tal., performance

measurement refers to the use of a multi-dimensional set of performance

measures.

Multi-dimensional measures of performance are measures that

combine both financial and non-financial key performance indicators (KPI)

(Fitzgerald and Moon, 1996). Multi-dimensional performance measures have

thus gained popularity both in research and practice as they capitalize on the

strengths of single-dimensional measures while minimizing their weaknesses.

The proponents of multi-dimensional performance measures argue that both

internal and external measures of performance are used to quantify current and

future performance (Cheng, 2008; Kotey & Meredith, 1997). To combine the

multi-dimensional measures of performance, researchers including Zuriekat,

Salameh and Alrawashdeh (2011) have used the Likert scale type self-

assessment questionnaires in collecting data. An example of multi-

dimensional performance measures is the building block model.

Financial or quantitative performance measures consist of performance

indicators such as, operating profit, net profit, dividend yield, return on asset,

cash flows, return on capital employed, residual income and value added

income (Horngren, Datar & Foster, 2006). Financial performance as

expounded by Khan and Jain (2013) and Garrison, Noreen and Brewer (2011)

could be relative measures or absolute measures. According to Horngren,

Datar and Rajan (2013), relative financial performance measures are those

measures that relate profit or return with the resources used in generating such

profit. This approach to performance measurement is helpful in that it enables

inter and intra firm comparisons.


39

Absolute financial performance measures, on the other hand, are

performance indicators based on absolute quantum of return or equivalent

return (Garrison, Noreen & Brewer, 2011). Equivalent return implies diverse

forms of return namely profit after tax, profit before interest and tax, economic

value added and residual income. Arguments raised against absolute

performance measure by supporters of relative measures include its failure to

relate return to the resources used to generate the return (Horngren et al.,

2013).

Despite the imperative role that financial performance plays in

performance measurement, critics have argued that firstly, they are historic in

nature, are subject to manipulation and lack predictive value (Emmanuel &

Otley, 1995; Kaplan & Norton, 1996; Smith, 2005; Venanzi, 2011). Secondly,

in order to achieve the target, financial result, managers may be tempted to

make decisions that will improve short-term financial performance but have a

negative impact on long-term performance (Dallas, 2011; Kaplan, 2014).

Thirdly, the use of these short-term financial performance indicators has

limited benefits to the company as it does not convey the full picture regarding

the factors that drive long-term performance of business organisations (Drury,

2012).

Non-financial or qualitative measures, on the other hand, as cited in

Agyei-Mensah (2009), are performance indicators based on non-financial

information which originates in and is used by cost and profit centres to

monitor and control their activities without any accounting input. Examples of

non-financial performance measures introduced by the building block model

include quality of service, flexibility, resource utilization, innovation and


40

competitive performance (Kaplan, 2014). These measures provide managers

with timely information centred on the causes and drivers of success and can

be used to design integrated evaluation systems (Banker, Potter & Srinivasan,

2000; Kaplan & Norton, 1996; Woolf, 2014).

Qualitative measures portray the bigger picture regarding factors that

drive long term profitability (Fitzgerald & Moon, 1996; Hongren et tal., 2006).

Measured generally via scales, qualitative performance indicators are largely

anchored to objectively define performance criteria (Glancey, 1998).

Moreover, empirical evidence exists in the accounting literature, supporting

the reliability and validity of qualitative measures (Abdel-Maksoud & Abdel-

Kader, 2007; Kaplan & Norton, 1996). Critics however maintain that

qualitative performance measures are sometimes too comprehensive (Kaplan,

2014).

Fitzgerald and Moon (1996), in a study of the performance

measurement in service industries, developed a framework known as the

building block model for the design of a multi-dimensional performance

indicator for measuring business performance in the service industries.

According to them, the building block comprises dimensions, standards and

rewards. Dimensions as expounded by Fitzgerald and Moon are the corporate

goals for which performance indicators must be developed to measure.

Competitiveness, financial performance, service quality, flexibility, resource

utilisation and innovation are the dimensions of the model. Standards, on the

other hand, are the indicators used to measure the goals (Woolf, 2014). They

include market share, customer base, profitability, liquidity, responsiveness,

delivery speed, efficiency, innovation and performance of innovation.


41

Fitzgerald and Moon (1996) measured dimensions using the various

forms of measuring corporate goals. The empirical data was collected through

in-depth interviews combined with an examination of internal documents and

the non-participatory observation of company practices, including in some

instances company meetings. The interviews were carried out with a range of

personnel both at corporate or partnership level and at business unit level,

involving 50 individuals.

In borrowing a cut off point for the scale of measurement, the

measurement scale used by Yeboah (2013) in his study of “do auto-artisans

practice entrepreneurial orientation” was looked at. In Yeboah‟s (2013) study,

Yeboah examined the extent to which Cape Coast auto-artisans demonstrated

entrepreneurial orientation. Data were obtained through self-administered

questionnaire to 114 auto-artisans. The scale of measurement was a five point

Likert scale. The dimensions of entrepreneurial orientation were classified to

be low and high if the scale was 1-2.9 and 3-5 respectively. To correct for

possible errors, the cut-off point was based on the mean score of 3 minus 0.1.

The results of the study revealed high entrepreneurial orientation by the auto-

artisans.

Empirical Review

This section reviews the current state of the subject matter. It provides

evidence on prior studies. The purpose of the section is to uncover the existing

gaps in literature and how the present study contributes to resolving such gaps.

Various critiques are drawn in this section. The section also lays the basis for

comparison of the results of the present study to existing literature. The

detailed review is presented below.


42

In Uganda, Mawanda (2008) examined the effect of systems of internal

control on financial performance in a higher learning institution by

considering internal controls from the perspective of control environment,

control activities and internal audit. The measures of financial performance

adopted were liquidity, financial reporting and accountability. Mawanda

sought to determine the functionality of internal control system, the level of

financial performance and the relationship between controls system and

financial performance.

Both qualitative and quantitative research approach was employed by

Mawanda (2008). The study was conducted with a combination of

correlational-survey and case study designs. In order to combine the different

units of financial performance, primary data were elicited through the use of

self-assessment questionnaires. Interview guide was also used to capture data

from key informants. Secondary data, on the other hand, were collected from

available records and documents. Although, the author failed to specify the

sample size

effect of internal control systems on performance … · oversampling techniques were adopted....

Documents